lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240812132354.GA23655@lst.de>
Date: Mon, 12 Aug 2024 15:23:54 +0200
From: Christoph Hellwig <hch@....de>
To: Tariq Toukan <ttoukan.linux@...il.com>
Cc: Sagi Grimberg <sagi@...mberg.me>, Christoph Hellwig <hch@....de>,
	Anna Schumaker <Anna.Schumaker@...app.com>,
	Trond Myklebust <trondmy@...nel.org>, linux-nfs@...r.kernel.org,
	Boris Pismenny <borisp@...dia.com>,
	John Fastabend <john.fastabend@...il.com>,
	Jakub Kicinski <kuba@...nel.org>,
	Maxim Mikityanskiy <maxtram95@...il.com>,
	David Howells <dhowells@...hat.com>,
	Sabrina Dubroca <sd@...asysnail.net>,
	Mina Almasry <almasrymina@...gle.com>,
	Saeed Mahameed <saeedm@...dia.com>, Gal Pressman <gal@...dia.com>,
	Networking <netdev@...r.kernel.org>,
	Paolo Abeni <pabeni@...hat.com>, Eric Dumazet <edumazet@...gle.com>,
	"David S. Miller" <davem@...emloft.net>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Leon Romanovsky <leon@...nel.org>, Tariq Toukan <tariqt@...dia.com>,
	drort@...dia.com
Subject: Re: [Bug report] NFS patch breaks TLS device-offloaded TX zerocopy

On Mon, Aug 12, 2024 at 04:15:35PM +0300, Tariq Toukan wrote:
>> Can you explain where in your test is NFS used? Is the nginx server runs 
>> on an NFS mount?
>
> I checked with the team.
> The requested file, as well as the wrk and nginx apps, all reside on an NFS 
> mount.

So maybe I misunderstood the workload.  You aren't using the NFS over
TLS, but your are webserving using sendfile with the TLS offload,
with the data coming from a NFS share that isn't using TLS?

In that case NFS really is just the trigger here and you'd see the
exact same behavior when serving from another large folios enabled
file system like XFS, or probably also when serving from anonymous
memory.  This very clearly points to a debug in the hardware TLS
offload.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ